Conference papers

Categorizing Mobile Device Malware Based on System Side-Effects

Abstract: Malware targeting mobile devices is an ever-increasing threat. The most insidious type of malware resides entirely in volatile memory and does not leave a trail of persistent artifacts. Such malware requires novel detection and capture methods in order to be reliably identified, analyzed and mitigated. This chapter proposes malware categorization and detection techniques based on measurable system side-effects observed in an exploited mobile device. Using the Stagefright family of exploits as a case study, common system side-effects produced as a result of attempted exploitation are identified. These system side-effects are leveraged to trigger volatile memory (i.e., RAM) collection by memory acquisition tools (e.g., LiME) to enable analysis of the malware.

Cited literature: 15 references

https://hal.inria.fr/hal-01716405
Contributor: Hal Ifip
Submitted on: Friday, February 23, 2018 - 3:50:41 PM
Last modification on: Friday, February 23, 2018 - 3:51:54 PM
Document(s) archived on: Friday, May 25, 2018 - 2:16:37 AM

File

456364_1_En_12_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Zachary Grimmett, Jason Staggs, Sujeet Shenoi. Categorizing Mobile Device Malware Based on System Side-Effects. 13th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2017, Orlando, FL, United States. pp.203-219, ⟨10.1007/978-3-319-67208-3_12⟩. ⟨hal-01716405⟩

Metrics

Record views: 90

Files downloads: 50